The words Spectre and Meltdown sound like the name of some Hollywood thrillers (actually, Spectre is the twenty-fourth spy film in the James Bond film series), but this is not a film review, its actually pretty serious. Spectre and Meltdown are the names of two very serious security flaws that are found in computer processors.
This post does not expand on what those two flaws are, if you're interested in learning more about Meltdown and Spectre, there are numerous articles already floating on the internet that do a great job of explaining what they are.
The flaws are so serious that they have an official site and logos
On Linux systems however, if you want to check if your Linux system is vulnerable against the 3 "speculative execution" CVEs which are:
- CVE-2017-5753 bounds check bypass (Spectre Variant 1)
- CVE-2017-5715 branch target injection (Spectre Variant 2) and
- CVE-2017-5754 rogue data cache load (Meltdown)
You can use a script to check if your Linux Kernel has been patched to mitigate against the 3 CVEs mentioned above, the script in question is called Spectre & Meltdown Checker, download and run the script by running the following in your Linux terminal:
git clone https://github.com/speed47/spectre-meltdown-checker.git cd spectre-meltdown-checker sudo ./spectre-meltdown-checker.sh
The script will ask you to run it with root privileges if you want to get accurate results, running with root privileges will confirm if your system is vulnerable to the Meltdown and Spectre processor flaws as shown below: